Skill v1.0.5
ClawScan security
materials-science-figure-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign (Mar 16, 2026, 6:17 AM)
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code, runtime instructions, and requested environment variables align with its stated purpose (Gemini-compatible image generation and local plotting); nothing appears disproportionate or covert.
- Guidance
- This skill appears to do what it says: local plotting (plot mode) and Gemini-style image generation (image mode). Before installing, consider:
  1. Only set NANOBANANA_API_KEY and NANOBANANA_BASE_URL for a provider you trust — image inputs and the API key will be sent to that endpoint. Prefer the official Google endpoint; enabling third-party endpoints requires an explicit allow flag or env var.
  2. Use NANOBANANA_API_KEY_FILE or environment variables rather than putting keys on the command line to avoid shell-history exposure.
  3. plot mode runs entirely locally and does not require network access or an API key.
  4. Ensure your environment has the required Python packages (matplotlib, numpy) and/or Node if you plan to use the JS CLI — these dependencies are not auto-installed.
  5. Review any third-party base_url carefully because it will receive uploaded images and the API key.
  Overall the skill is coherent and proportionate, not suspicious, but follow the guidance above to reduce operational risk.
Review Dimensions
- Purpose & Capability
- ok: Name/description, required env vars (NANOBANANA_API_KEY, NANOBANANA_BASE_URL), and the included Python/optional Node scripts all match the declared purpose of Gemini-style image generation and local publication plotting. The JS files are presented as an optional parity CLI and Python is the canonical runtime — this is consistent.
- Instruction Scope
- ok: SKILL.md instructs the agent to build prompts, optionally run local plotting, and call a Gemini-compatible generateContent endpoint with the API key and any input images. The instructions confine file reads/writes to included templates, prompt/spec files, and output directories; they explicitly require consent before using third-party endpoints. There are no instructions to read unrelated system files or exfiltrate arbitrary environment variables.
- Install Mechanism
- note: This is instruction-only (no install spec), which is low-risk. However, the bundled scripts depend on Python libraries (matplotlib, numpy) and Node's fetch/runtime for the JS parity CLI; those dependencies are not declared in an install spec. You will need an appropriate Python environment (and possibly Node) to run the scripts.
- Credentials
- ok: Only NANOBANANA_API_KEY and NANOBANANA_BASE_URL (plus optional NANOBANANA_API_KEY_FILE and NANOBANANA_ALLOW_THIRD_PARTY) are requested, which is proportionate to calling a Gemini-compatible API. The primaryEnv is the API key, which is expected. The skill also documents safer key handling (API key file, avoiding CLI exposure).
- Persistence & Privilege
- ok: No elevated privileges requested. always is false and disable-model-invocation is true (the agent will not autonomously invoke the skill), and the skill does not attempt to modify other skills or system-wide settings.
